Crowdstrike outage

[Left forum]

came across this

CrowdStrike and Microsoft: What we know about global IT outage

A mass IT outage has caused chaos around the world, with major airlines among the victims.

www.bbc.com

IT outage: What we know about the global tech meltdown, CrowdStrike and Microsoft so far

The head of cyber security firm CrowdStrike said on Friday morning a "fix has been deployed" after a "defect" was found in one of its software updates.

news.sky.com

'Absolute chaos' at Woolworths as outage strikes

Massive queues are forming outside Woolworths supermarkets as the global cyber outage continued and checkout machines crash 'one by one' like dominoes.

www.dailymail.co.uk

Microsoft outage updates: CrowdStrike issue still wreaking havoc despite fix

A fitting end to the week.

mashable.com

Microsoft tackles catastrophic global IT outage as 'CrowdStrike' security blames update bug for grounded flights and more

Bugs in 'CrowdStrike' security software updates trigger Blue-Screen-of-Death (BSOD) issues for airlines, TV networks, and more.

www.windowscentral.com

CrowdStrike outage sparks global chaos with airline, bank and other disruptions

IT outages have been reported across the globe as airlines, airports, banks and media companies have suddenly experienced ongoing disruptions.

abcnews.go.com

Statement on Falcon Content Update for Windows Hosts - crowdstrike.com

www.crowdstrike.com

 

[AccidentalDenz]

It's been pretty wild by all accounts

 

[Left forum]

It's been pretty wild by all accounts

apparently so,

 

[SpyderTracks]

We were so lucky, our clients werent affected, or at least not before I signed off, and I’ve got a week off now during the fallout.

I hope the NHS can get back up quickly, it won’t be affecting their embedded systems on scanners and things as those will be legacy ME or XP oses , but nurses will be having to take hand notes for a few days and it just adds to their already high workload

 

[Left forum]

and I’ve got a week off now during the fallout.

 

[Left forum]

@SpyderTracks

does this sound possible?

x.com

x.com

 

[Left forum]

CrowdStrike Windows Crisis: Is It Safe To Turn On Your PC?

Find out whether it's safe to turn on your Windows PC following the CrowdStrike incident that has taken down computers across the world

www.forbes.com

Earlier today, it issued a flawed update that effectively crippled millions of Windows PCs in countries all over the globe. The affected systems are unable to restart properly and simply display an error screen known as the blue screen of death.

The fault has been found and a fix has been issued, but early indications are that it will require each affected PC to be fixed manually, which could be a very slow process, giving that large businesses often have tens of thousands of computers in different locations and that many employees now work from home.

 

[SpyderTracks]

@SpyderTracks

does this sound possible?

x.com

x.com

From a theoretical standpoint, it was a driver update that is essentially an OS level network scannerto enable early detection of intrusions that had a buggy update

He is right, from our standpoint, you could get into advanced recovery from a BSOD windows and theoretically guide an end user through rolling back the OS to a version before the update was applied, but that’s IF you have system restore enabled which a lot of corporate machines won’t do these days if they’re intune managed.

The BSOD is preventing them booting into windows, so they can’t get any remote access by IT as the remote tools run in windows, similarly, Intune won’t be able to send an autopilot reset command through as that’s picked up in windows itself also.

So yeah, I’d agree with him, it’s the after effect getting people back booting that’s the headache.

This has been a hole in remote solutions with windows for a long time now, and is ever more important since the pandemic pushed more users remote. We need remote commands to be receivable outside of the OS at some intermediate stage IMHO, you don’t want it at bios level because that’s too much of a security risk, almost like having a UEFI type micro OS in the boot manager partition that could be remotely triggered by Intune.

Its outages like this that tend to lead to new solutions coming about, we need to get the partition structure updated for how remote management now is imho.

 

[TonyCarter]

Our company were affected, but it seems we escaped the worst of it as most people were still sleeping when the update rolled out, and out IT team delayed the update for all other machines, so you didn't get locked out on first boot.

The problem would have been much worse for us had they not done this mitigation as Bitlocker is enabled by default and we can't do anything 'serious' to the machine without an admin password...which is difficult if you can't even boot the computer to access the online helpdesk, and with even more people WFH than normal as it's a Friday.

 

[AccidentalDenz]

With me being off this week, I'm not going near my work laptop until the last possible moment (probably Sunday evening!) to double check when I'm in the office next week to lessen any chance of being caught up in all this

 

[TonyCarter]

CrowdStrike

xkcd.com

 

[Left forum]

so @AccidentalDenz and @SpyderTracks are off at the same time

 

[TonyCarter]

so @AccidentalDenz and @SpyderTracks are off at the same time

Sounds like a conspiracy to me…or an attempt to get triple-time overtime

 

[SpyderTracks]

so @AccidentalDenz and @SpyderTracks are off at the same time

The truth is after the Steam Sale, Denz needed some extra juice to power the gaming system, so I'm going around to ride a pedalo for a week to generate some emergency gaming power.

 

[Martinr36]

Sounds like a conspiracy to me…or an attempt to get triple-time overtime

Talking conspiracy, what about all that spam the other week when @Scott was on holiday, and now he's back its stopped

 

[Left forum]

The truth is after the Steam Sale, Denz needed some extra juice to power the gaming system, so I'm going around to ride a pedalo for a week to generate some emergency gaming power.

cant say im not surprised, denz powered up his rig the other day and the light went out in my fridge, better start peddling as homer cant see snacks

 

[Left forum]

Talking conspiracy, what about all that spam the other week when @Scott was on holiday, and now he's back its stopped

some say the best carpet fitter in dammam cleaned scotts carpet

 

[Left forum]

 

[Left forum]

 

[AccidentalDenz]

I do have to wonder if it was just one person who pushed out the update which broke everything, or if it was a perfect storm of a few different issues all colliding at once which took everything down. I've seen a few discussions on Twitter along those lines and there doesn't seem to be a consensus - I am aware that Twitter might not be the most reliable for answers of this particular nature, but it is entertaining trying to figure it out on there!